Enhancement: cves/2015/CVE-2015-1427.yaml by mp
parent
ded63eb60b
commit
f72da0f8a4
|
@ -4,7 +4,7 @@ info:
|
||||||
name: ElasticSearch - Remote Code Execution
|
name: ElasticSearch - Remote Code Execution
|
||||||
author: pikpikcu
|
author: pikpikcu
|
||||||
severity: critical
|
severity: critical
|
||||||
description: Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script to the Groovy scripting engine.
|
description: ElasticSearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script to the Groovy scripting engine.
|
||||||
reference:
|
reference:
|
||||||
- https://blog.csdn.net/JiangBuLiu/article/details/94457980
|
- https://blog.csdn.net/JiangBuLiu/article/details/94457980
|
||||||
- http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/
|
- http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/
|
||||||
|
@ -49,4 +49,4 @@ requests:
|
||||||
status:
|
status:
|
||||||
- 200
|
- 200
|
||||||
|
|
||||||
# Enhanced by mp on 2022/05/10
|
# Enhanced by mp on 2022/05/11
|
||||||
|
|
Loading…
Reference in New Issue